PNC Bank 2014 Annual Report Download - page 89

Download and view the complete annual report

Please find page 89 of the 2014 PNC Bank annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 268

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268

Working Groups – Where appropriate, management will
also form ad hoc groups (working groups) to address
specific risk topics and report to a working committee or
corporate committee. These working groups generally
have a more narrow scope and may be limited in their
duration.
Policies and Procedures – PNC has established risk
management policies and procedures to provide
direction, guidance, and clarity on roles and
responsibilities to management and the Board of
Directors. These policies and procedures are organized in
a multi-tiered framework and require periodic review and
approval by relevant committees within the governance
structure.
Business Activities – Our businesses strive to enhance
risk management and internal control processes.
Integrated and comprehensive processes are designed to
adequately identify, measure, manage, monitor, and
report risks which may significantly impact each
business.
Risk Identification and Quantification
Risk identification takes place across a variety of risk types
throughout the organization. These risk types consist of, but
are not limited to, credit, operational, compliance, market,
liquidity and model. Risks are identified based on a balanced
use of analytical tools and management judgment for both on-
and off-balance sheet exposures. Our governance structure
supports risk identification by facilitating assessment of key
risk issues, emerging risks, and idiosyncratic risks and
implementation of mitigation strategies as appropriate. These
risks are prioritized based on quantitative and qualitative
analysis and assessed against the risk appetite. Multiple tools
and approaches are used to help identify and prioritize risks,
including Risk Appetite Metrics, Key Risk Indicators (KRIs),
Key Performance Indicators (KPIs), Risk Control and Self-
Assessments (RCSAs), scenario analysis, stress testing,
special investigations and controls.
Risks are aggregated and assessed within and across risk
functions or businesses. The aggregated risk information is
reviewed and reported at an enterprise level for adherence to
the risk appetite as established through the policy framework
and approved by the Board of Directors or by appropriate
managing committees. This enterprise aggregation and
reporting approach promotes the identification and appropriate
escalation of material risks across the organization and
supports an understanding of the cumulative impact of risk in
relation to our risk appetite.
Risk Control and Limits
PNC uses a multi-tiered risk policy, procedure, and committee
charter framework to provide direction and guidance for
identifying, decisioning, monitoring, communicating and
managing risk, including appropriate processes to escalate
control parameter exceptions when applicable.
Risk controls and limits provide the linkage from PNC’s Risk
Appetite Statement and associated guiding principles to the
risk taking activities of our businesses. Risk limits are
quantitative measures, including forward looking assumptions,
which allocate the firm’s aggregate risk appetite statement to
lines of business and functional risk areas. They are
established within policy across risk categories and are
embedded within each risk appetite description.
When setting risk limits, PNC considers major risks, aligns
with the established risk appetite, balances risk-reward,
leverages analytics including stressed scenarios along with
historical data, and adjusts limits in a timely manner in
response to changes in internal and external environments.
Quantitative and qualitative operating guidelines support risk
limits and serve as an early warning system for potential
violations of the limits. These operating guidelines trigger
mitigation strategies and management escalation protocols if
limits are breached.
PNC’s control structure is balanced in terms of efficiency and
effectiveness with the risks that we are willing to take, as
defined by our risk appetite. Controls are in place across the
risk taxonomy to monitor established risk limits.
Risk Monitoring and Reporting
PNC uses similar tools to monitor and report risk as when
performing Risk Identification. These tools include Risk
Appetite Metrics, KRIs, KPIs, RCSAs, scenario analysis,
stress testing, special investigations and controls.
The risk identification and quantification processes, the risk
control and limits reviews, and the tools used for risk
monitoring provide the basis for risk reporting. The objective
of risk reporting is comprehensive risk aggregation and
transparent communication of aggregated risks, issues, risk
level compared to appetite, outlook as well as mitigation
strategies where appropriate, to the Risk Committee of the
Board of Directors, Corporate Committees, Working
Committees and other designated parties for effective decision
making.
Risk reports are produced at the line of business level,
functional risk level and the enterprise level. The enterprise
level risk report aggregates risks identified in the functional
and business reports to define the enterprise risk profile. The
enterprise risk profile is a point-in-time assessment of
enterprise risk. The risk profile represents PNC’s overall risk
position in relation to the desired enterprise risk appetite and
overall risk capacity. The determination of the enterprise risk
profile is based on analysis of quantitative reporting of risk
limits and other measures along with qualitative assessments.
Quarterly aggregation of our risk profile enables a clear view
of our risk level relative to our quantitative risk appetite and
overall risk capacity. The enterprise level report is provided
through the governance structure to the Board of Directors.
The PNC Financial Services Group, Inc. – Form 10-K 71